CVE-2013-2551

Microsoft Internet Explorer 6 dan 10 gacha bo'lgan "Foydalanishdan keyin bepul" zaifligi masofaviy tajovuzkorlarga o'chirilgan ob'ektga kirishni qo'zg'atuvchi tayyorlangan veb-sayt orqali o'zboshimchalik bilan kodni bajarishga imkon beradi, buni VUPEN tomonidan CanSecWest 2013 da Pwn2Own tanlovida ko'rsatilgan, ya'ni "Internet Explorer-dan keyin bepul zaiflik, C-23VE18 va C-23VE18-dan farqli foydalanish" CVE-2013-1309.

CVSS Vector

Manbalar

• http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157
• http://twitter.com/VUPEN/statuses/309479075385327617
• http://twitter.com/thezdi/statuses/309452625173176320
• http://www.us-cert.gov/ncas/alerts/TA13-134A
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-037